Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Crash exploit with Warden plugin #371

Open
4 of 6 tasks
azalty opened this issue Oct 21, 2020 · 2 comments
Open
4 of 6 tasks

[BUG] Crash exploit with Warden plugin #371

azalty opened this issue Oct 21, 2020 · 2 comments
Labels
bug / glitch

Comments

@azalty
Copy link

azalty commented Oct 21, 2020
edited

Help us help you

  • I have checked that my issue doesn't exist yet.
  • I have tried my absolute best to reduce the problem-space and have provided the absolute smallest test-case possible.
  • I can always reproduce the issue with the provided description below.

Describe the bug

A (simple) exploit that creates a lot of spam in chat and can cause a server crash in case of spamming.

To Reproduce

  1. Play as a CT when there's no Warden
  2. Open console and write "sm_w;sm_uw;sm_w;sm_uw;sm_w;sm_uw;sm_w;sm_uw;sm_w;sm_uw;sm_w;sm_uw;sm_w;sm_uw;sm_w;sm_uw"
  3. This will generate a lot of spam in chat. Resend this line multiple times and it will eventually crash.
    (it seems that it only happens (the crash) if you are kicked due to command spam)

Logs

L 10/20/2020 - 20:13:07: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:07: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:07: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:07: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:08: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:08: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:08: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:08: "azalty<103><STEAM_1:1:57298004>" disconnected (reason "#GameUI_Disconnect_TooManyCommands")
L 10/20/2020 - 20:13:08: [SM] Exception reported: Not enough space on the stack
L 10/20/2020 - 20:13:08: [SM] Blaming: MyJailbreak/warden.smx
L 10/20/2020 - 20:13:08: [SM] Call stack trace:
L 10/20/2020 - 20:13:08: [SM] [1] Line 1939, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::CFormat
L 10/20/2020 - 20:13:08: [SM] [2] Line 78, D:\Tools\BasicPawn\sourcemod\scripting\include\colors.inc::CPrintToChat
L 10/20/2020 - 20:13:08: [SM] [3] Line 174, D:\Tools\BasicPawn\sourcemod\scripting\include\colors.inc::CPrintToChatAll
L 10/20/2020 - 20:13:08: [SM] [4] Line 1235, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::OnClientDisconnect
L 10/20/2020 - 20:13:08: [SM] [6] FakeClientCommand
L 10/20/2020 - 20:13:08: [SM] [7] Line 751, Modules/Warden/handcuffs.sp::StripZeus
L 10/20/2020 - 20:13:08: [SM] [8] Line 415, Modules/Warden/handcuffs.sp::HandCuffs_OnWardenRemoved
L 10/20/2020 - 20:13:08: [SM] [9] Line 1894, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::Forward_OnWardenRemoved
L 10/20/2020 - 20:13:08: [SM] [10] Line 1241, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::OnClientDisconnect
L 10/20/2020 - 20:13:08: [SM] [12] FakeClientCommand
L 10/20/2020 - 20:13:08: [SM] [13] Line 751, Modules/Warden/handcuffs.sp::StripZeus
L 10/20/2020 - 20:13:08: [SM] [14] Line 415, Modules/Warden/handcuffs.sp::HandCuffs_OnWardenRemoved
L 10/20/2020 - 20:13:08: [SM] [15] Line 1894, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::Forward_OnWardenRemoved
L 10/20/2020 - 20:13:08: [SM] [16] Line 1241, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::OnClientDisconnect
L 10/20/2020 - 20:13:08: [SM] [18] FakeClientCommand
L 10/20/2020 - 20:13:08: [SM] [19] Line 751, Modules/Warden/handcuffs.sp::StripZeus
L 10/20/2020 - 20:13:08: [SM] [20] Line 415, Modules/Warden/handcuffs.sp::HandCuffs_OnWardenRemoved
L 10/20/2020 - 20:13:08: [SM] [21] Line 1894, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::Forward_OnWardenRemoved
L 10/20/2020 - 20:13:08: [SM] [22] Line 1241, D:\Documents\Repos\MyJailbreak\addons\sourcemod\scripting\MyJailbreak\warden.sp::OnClientDisconnect

Environment

  • Operating System version: N/A
  • Current SourceMod version: 1.10.0.6492
  • Current Metamod: Source snapshot version: 1.10.7-dev
  • Current MyJailBreak version: https://shanapu.de/MyJailBreak/ - last dev version
@azalty
Copy link
Author

azalty commented Dec 6, 2020
edited

Also, the handcuffs module doesn't fully disable itself.

For exemple, when doing sm_uw the warden will lose his taser. handcuffs.sp also appears in crash log

This is probably linked to the crash, so I just add it as a comment.

@azalty
Copy link
Author

azalty commented Jan 28, 2021
edited

Critical bug, currently being exploited on my server. People probably found this issue. Will write a fix and get more info soon.

This was referenced Jan 28, 2021
Open
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug / glitch
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@azalty